Monitoring and Investigating Human Rights Risk in the Supply Chain

We’d like to think we live in a world in which all jobs are opportunities that come with protections for personal safety and sovereignty. But for many workers around the world, their labor is the product of coercion and exploitation. A recent study by the International Labour Organization (ILO), a U.N. agency, found that forced labor generates $236 billion a year in illegal profits. The study found that higher levels of exploitation correlated to higher profits, and traffickers and criminals can generate around $10,000 per victim of forced labor. (See “New Study Reports Widespread Forced Labor Abuses,” Voice of America, March 19, tinyurl.com/bddutfc5.) In this column, I’ll explain what this all has to do with Certified Fraud Examiners (CFEs), but first, let’s examine what “forced labor” means.

What is forced labor?
According to the ILO, forced labor (or compulsory labor) is any work or service that’s exacted from a person under the threat of penalty and for which that person hasn’t offered on their own. The U.N. says that the notion of “threat of penalty” should be understood broadly to include imprisonment; the threat or use of physical

violence; psychological coercion; and restrictions on freedom, including preventing movement outside the worksite. Perpetrators of forced labor may threaten to harm a worker’s family, expose a worker to authorities, or withhold identity documents or wages. These threats often compel a worker to stay in hopes of being paid. According to the U.N., the terms “forced labor” and “modern slavery” are often used interchangeably as they overlap. But the general definition of modern slavery differs in its inclusion of forced marriage. (See “Forced Labour,” U.N. Global Compact, tinyurl.com/29znt2ut.)

Driving more awareness:
Applicable risks and laws Organizations must be cognizant of forced labor and its risks. Although a business might not engage in forced labor practices, it could occur within the supply chain. The U.N. boils the risks down into four main categories:

Reputational and brand risk. Campaigns by nongovernmental organizations (NGOs), trade unions, consumers and other stakeholders against multinational companies can result in reduced sales and brand erosion. Dissemination of negative stories can have a lasting impact on customers, employees and the local communities where the company does business.
Financial risk. As the U.N. describes, consumer boycotts against companies accused of forced labor in their supply chains can result in reduced sales. Divestment, avoidance or increased costs incurred by investors and finance providers, many of which are increasingly applying environmental, social and governance (ESG) criteria to their decision-making, can result in reduced shareholder value.
Legal risk. Modern slavery legislation, which may include mandatory due diligence and reporting, increases compliance risks. Several European countries and the EU have passed consequential extraterritorial legislation targeting forced labor. This increases the legal risks for companies that fail to ensure that their operations and value chains are compliant with laws.
Operational risk. Discovery of forced labor may result in disruption when companies make changes to their supply chains. For example, company leaders may terminate supplier contracts (resulting in potentially higher costs or operational disruption) and direct sourcing activities to lower-risk locations. Additionally, the company will need to dedicate internal resources to monitor compliance and address any allegations. This is particularly the case if the company hasn’t established proper due diligence procedures, supply-chain monitoring and internal controls.

What factors do global companies need to consider for a good anti-forced labor program? I posed this question to Andrew McBride, former chief risk officer of Albemarle Corporation, the largest lithium producer in the world. McBride left the company in early 2024, but during his tenure he and his team received Compliance Week’s Compliance Program of the Year award for improving the organization’s overall compliance and fraud risk management program, which included strong human rights-monitoring controls. McBride highlights three key elements to manage modern slavery risk in a company’s supply chain (identifying conflict-sensitive minerals in raw materials; conducting modern slavery due diligence and audits; and supply chain mapping and collation of supporting documentation)and explains how CFEs can support these efforts.

Identifying conflict-sensitive minerals in raw materials
Since August 2012, when the U.S. Securities and Exchange Commission (SEC) issued its final rules regarding conflict minerals as defined in section 1502 of the Dodd–Frank Wall Street Reform and Consumer Protection Act, the topic of human rights was a risk consideration for many global organizations. Global companies assessed their supply chains for conflict minerals risks. “Conflict minerals,” as defined by the U.S. legislation, includes the metals tantalum, tin, tungsten and gold (3TG), mined around the world. But they posed a particular risk in the Democratic Republic of Congo (DRC) where forced labor was allegedly being used to mine such metals. Under Dodd-Frank, downstream companies needed to understand and document whether they were sourcing parts or materials that might contain 3TG and survey or assess if it’s from DRC. The initiative lasted a few years after 2012, and companies spent significant resources (internally and with outside service providers and law firms) conducting vendor due diligence surveys and tests in the supply chain for 3TG. (See “Disclosing the Use of Conflict Minerals,” SEC Fact Sheet, June 28, tinyurl.com/2vc45kpb.) According to McBride, any of the 3TG minerals embedded in your supply chain can be a risk to your company. “It goes beyond just doing due diligence on your supplier. It also goes into who is your supplier’s supplier, up the value chain.”

Through the Responsible Minerals Initiative (RMI), mining and metals industries collectively adopted a Conflict Minerals Reporting Template to help minerals processors demonstrate responsible sourcing practices through an independent audit process and to help companies identify the ultimate minerals processor. McBride emphasizes that understanding how goods are sourced all the way up the supply chain is important. RMI has information on new minerals at risk, templates, due diligence guidance and audit programs at responsiblemineralsinitiative.org.

The success of RMI for 3TG has prompted the release of additional reporting templates for other human rights-sensitive minerals, including cobalt, mica, aluminum, copper, iron, lithium, nickel, rare earth elements and zinc. (See “Conflict Minerals Reporting Template,” RMI, tinyurl.com/337s6hxx.)

The EU Conflict Minerals Regulation is broader in scope, requiring appropriate diligence and reporting for any mineral directly or indirectly sourced from a conflict-affected and high-risk area (CAHRA). (See “Conflict Minerals Regulation,” European Commission, tinyurl.com/2cdk6tw2.)

How CFEs can help
CFEs’ familiarity with enterprise resource planning (ERP) systems means they can support company efforts to identify the presence of such minerals in the company’s raw materials. This can include conducting analytics to identify:

Conflict-sensitive minerals in raw materials through analysis of product stock-keeping units (SKU) or bills of materials.
Raw materials sourced directly or indirectly from suppliers in CAHRA (through information contained in bills of lading and other customs related documentation).

Conducting modern slavery due diligence and audits
Human rights risk in the supply chain isn’t limited to minerals. It also affects service providers, such as temporary labor; engineering, procurement and construction (EPC) contractors; freight forwarders/shipping; and downstream processors of raw materials in the garment industry.

Organisation for Economic Co-operation and Development (OECD) guidance, the German Supply Chain Act and forthcoming EU corporate sustainability due diligence (CSDD) legislation focus on conducting broader human rights and environmental due diligence and appropriate remediation. (See “OECD Due Diligence Guidance For Responsible Business Conduct,” OECD, 2018, tinyurl. com/bdduf22v; “Supply Chain Act,” CSR, tinyurl.com/kmhy8m92; “Corporate sustainability due diligence”; and European Commission, tinyurl.com/ yc2xaa7v.)

Companies need a risk-based approach to due diligence and audits, similar to that undertaken to manage fraud and corruption risk. There’s just one caveat: When a direct or indirect supplier presents forced labor risks, companies are expected to work with that supplier to remediate the risk and not terminate the relationship.

How CFEs can help
CFEs can help organizations mitigate human rights violations risk by:

Using analytics and due diligence data to identify other types of humanrights-sensitive suppliers beyond raw materials.
Providing input into the alignment of modern slavery due diligence with other types of screening/due diligence and with broader procurement governance and supply chain risk management systems.
Partnering with compliance personnel to conduct due diligence and source specialized providers of on-site human rights audits, where appropriate.
Analyzing purchase order and invoiceline items details (via keyword search) for sensitive terms or activities, among other analytical procedures.

Supply chain mapping and collation of supporting documentation
Legislation such as the U.S. Uyghur Forced Labor Prevention Act (UFLPA) requires companies to better understand who’s in their supply chain. Knowing who’s in your supply chain expands the scope of your existing compliance program (e.g., sanctions).
Robust enforcement of the UFLPA by U.S. Customs and Border Protection (CBP) involves companies providing significant documentation to demonstrate that a product hasn’t been made using raw materials directly or indirectly sourced from the Xinjiang province of China, a high-risk area for forced labor and human rights violations. This is prompting importers to demand that their suppliers be prepared to provide such documentation. (See “Uyghur Forced Labor Prevention Act,” U.S. Customs and Border Protection, tinyurl.com/mvhr5hyc.)

How CFEs can help
CFEs can use their skills to help map an organization’s supply chain by:

Providing procurement and compliance efforts to identify secondary, tertiary and other indirect suppliers of human-rights-sensitive goods or services across the supply chain.
Supporting screening efforts to identify sanctioned parties and companies listed on the UFLPA Entity List (dhs. gov/uflpa-entity-list).
Using analytics and visualization tools to construct a supply chain heat map and implement monitoring processes tied to transactional data.

Answering the call
Forced labor is widespread and poses a fundamental threat, not just to human rights and our sensibilities, but also to companies that operate within the law but may be affected through their supply chains. Some countries have been known to use prison labor to produce goods or raw materials or to employ children with unfair labor practices.

There’s no easy fix, but many of the same skills, analytical tools and methods that CFEs use can be applied to protecting organizations from risks posed by forced labor. CFEs have a critical role to play in fighting this urgent problem. FM

Vincent M. Walden, CFE, CPA, is the CEO of konaAI, an AI-driven anti-fraud, investigations and compliance technology software company providing easy to-use, cost-effective vendor, customer and employee transaction risk analytics. He works closely with CFEs, internal auditors, compliance, audit, legal and finance professionals and welcomes your feedback and ideas. Contact Walden at vwalden@konaai.com.